IETF Logo Mail Archive

RE: [OSPF] Revised OSPF HMAC SHA Authentication Draft

sujay <sujayg@huawei.com> Wed, 23 August 2006 06:58 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1GFmh7-0006QM-Pk; Wed, 23 Aug 2006 02:58:33 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GFmh7-0006Nb-8U for ospf@ietf.org; Wed, 23 Aug 2006 02:58:33 -0400
Received: from szxga01-in.huawei.com ([61.144.161.53]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GFmh1-0006Is-GQ for ospf@ietf.org; Wed, 23 Aug 2006 02:58:33 -0400
Received: from huawei.com (szxga01-in [172.24.2.3]) by szxga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar 3 2004)) with ESMTP id <0J4F006SCVGG9F@szxga01-in.huawei.com> for ospf@ietf.org; Wed, 23 Aug 2006 15:00:17 +0800 (CST)
Received: from huawei.com ([172.24.1.24]) by szxga01-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar 3 2004)) with ESMTP id <0J4F00EAUVGGQ0@szxga01-in.huawei.com> for ospf@ietf.org; Wed, 23 Aug 2006 15:00:16 +0800 (CST)
Received: from dell60 ([10.18.7.146]) by szxml04-in.huawei.com (iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar 3 2004)) with ESMTPA id <0J4F004BLVVG6K@szxml04-in.huawei.com> for ospf@ietf.org; Wed, 23 Aug 2006 15:09:17 +0800 (CST)
Date: Wed, 23 Aug 2006 12:27:05 +0530
From: sujay <sujayg@huawei.com>
Subject: RE: [OSPF] Revised OSPF HMAC SHA Authentication Draft
In-reply-to: <44EB7216.3080008@cisco.com>
To: ospf@ietf.org
Message-id: <002901c6c681$5897c4e0$9207120a@china.huawei.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1807
X-Mailer: Microsoft Office Outlook 11
Content-type: text/plain; charset="gb2312"
Content-transfer-encoding: quoted-printable
Thread-index: AcbGRxq5RiqzzH8WQpio6aqdIoVLMgAOI3sA
X-Spam-Score: 0.0 (/)
X-Scan-Signature: d0bdc596f8dd1c226c458f0b4df27a88
Cc:
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/ospf>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
Errors-To: ospf-bounces@ietf.org

I would prefer maintain using Au Type = 2  for the new algo's as well.
With a thought ; as there is a possibility of more algo's to be added in
te same scheme with Au Type = 2, and there is some talk about MD5 being
the most used in implementations.

Can we have a default algo. concept??

Regds,
Sujay G
My Location;
http://maps.google.com/maps?ll=14.626109,76.959229&spn=4.724852,7.525085&t=h
&hl=en


This e-mail and attachments contain confidential information from HUAWEI,
which is intended only for the person or entity whose address is listed
above. Any use of the information contained herein in any way (including,
but not limited to, total or partial disclosure, reproduction, or
dissemination) by persons other than the intended recipient's) is
prohibited. If you receive this e-mail in error, please notify the sender by
phone or email immediately and delete it! 
-----Original Message-----
From: Russ White [mailto:riw@cisco.com] 
Sent: 2006年8月23日 2:38
To: Acee Lindem
Cc: ospf@ietf.org
Subject: Re: [OSPF] Revised OSPF HMAC SHA Authentication Draft

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> I'd also vote against this since the standardized definition of 
> cryptographic authentication (AuType = 2) was designed to accommodate 
> different hash algorithms. Based on the discussion heretofore, it 
> seems that its definition satisfies this requirement. Additionally, I 
> don't see any compatibility problems with implementations 
> unequivocally map AuType 2 to MD5 authentication. As one would expect, 
> authentication will fail (at least with a very high probability :^) if 
> there is a mismatch between configured hash algorithms.

Agreed--I would agree this is the best way to handle this.

:-)

Russ

- --
riw@cisco.com CCIE <>< Grace Alone

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE63IWER27sUhU9OQRAlQ9AKDMTNxCGSlvsYfm13dimdbPkZUBMwCgxLPO
kG7cKpSwagLsx+4T2ZjbB+Q=
=wtHk
-----END PGP SIGNATURE-----

_______________________________________________
OSPF mailing list
OSPF@ietf.org
https://www1.ietf.org/mailman/listinfo/ospf


_______________________________________________
OSPF mailing list
OSPF@ietf.org
https://www1.ietf.org/mailman/listinfo/ospf

v2.23.0 | Report a Bug | By Email